Resourcely

Join us June 11th for an interview-style livestream with former Netflix head of security Jason Chan and Resourcely CEO Travis McPeak. We'll deep-dive into DevSecOps and experiences trying to implement it. We'll cover: - How DevSecOps got started - Hear some real stories about adopting DevSecOps at modern organizations like Netflix - What's wrong with DevSecOps today - The future of security embedded into developer workflows See you on June 11th!

Last week our CEO Travis McPeak was on the floor of the NYSE, celebrating Resourcely's inclusion on the #RisingInCyber list from Notable Capital. The 30 companies, chosen by CISOs, VPs of Security, and investors, highlighted companies poised to make a significant impact on the cybersecurity industry. Resourcely is solving misconfiguration - eliminating incidents, and helping developers & companies build faster. Build your secure-by-default practice with the Resourcely configuration engine 🚂 https://www.resourcely.io

Without secure defaults, you're going to be dealing with misconfiguration at scale. What does misconfiguration at scale look like? Confused developers deploying improperly. Access to the public internet. Oversized infra. Incorrect IAM roles. Incidents, breaches, and outages - all the time. Countless hours spent diagnosing, triaging, and fixing. Without secure defaults, you're asking too much of developers who are already stretched too thin. Resourcely gives your team a platform for configuring secure-by-default infrastructure. Listen to the full Risky Business podcast below! 👇 https://lnkd.in/eNnwupzS

🙌 The future is secure defaults 🙌 Developers shouldn't have to make security decisions - they should have the option to. Developers shouldn't be handwriting config - systems should. Free your developers from the burdens of DevSecOps, and give them secure-by-default.

🚨 24 hours until we're live with the Death of DevSecOps - Experiences at Netflix and beyond 🚨 Travis McPeak and Jason Chan will cover the history of security from pre-DevOps, to the development of DevSecOps, and finally take a peak into what the future has in store. Make sure to register and get your access link 👉 https://lnkd.in/ettg33uY

Are you ready to adopt a "Secure Defaults" strategy in your organization? One of the Global System Integrators described us to their team with the following statement. "Resourcely is kind of like an AWS Service Catalog, but 10x better and with support across cloud providers and platforms. Define safe & sane blueprints, then present developers with a nice quick and clean interface for selecting those things, instead of the naked AWS console. Multi-cloud support out of the gate makes for a pretty compelling story, and I really like the security implications of default-deny when it comes to resources (developers can select from blessed service blueprints, which ensures they aren’t accidentally choosing a $30/hr instance type or an unapproved region or a software version that hasn’t been approved by the compliance folks, etc.)." Blueprints are configurable templates used to provision cloud infrastructure resources. Blueprints allow you to: ✅ Define which options are available for properties of your resource(s). ✅ Apply guardrails to your resource(s) to prevent misconfiguration. ✅ Define what information to collect from your developers before resource provision. Once a blueprint has been configured for use it becomes available in the Resourcely service catalog. Resourcely provides 2 different types of blueprints, Resourcely Blueprints, and External Modules. Guardrails govern how cloud resources can be created and altered, preventing infrastructure misconfiguration. Guardrails are applied to Blueprints and Terraform Modules so that they can be verified before resource provisioning. There are three distinct categories of Resourcely guardrails we can implement today: 1️⃣ Constraining Values: We can restrict values based on specific guardrail conditions. For example, instance types should be small. 2️⃣ Emitting Resources/Properties: Based on the context and environmental conditions, we can emit resources or properties. For example, we might emit public access blocks or tags. 3️⃣ Detecting Actions: We can detect actions in Terraform, such as disallowing deletions. Resourcely helps businesses create secure-by-default infrastructure resources and prevents security misconfiguration in the cloud. Our configuration engine helps your developers move faster and while letting your company mitigate risk and minimize incidents by taking a proactive approach to prevent breaches caused by misconfiguration using our Blueprints and Guardrails while integrated into your CICD and IaC workflows. If Dornoch can win the Belmont Stakes, I'm betting your org can gain value by giving our platform a look. 👀 #cloud #security #cicd

ICYMI: 🔐 We're making cloud infrastructure secure and accessible for all with our new policy language, called Really. At Resourcely, our vision is focused: eliminating misconfiguration of cloud infrastructure. That's why we developed Really, a policy language that addresses the complexities and headaches of traditional policy-as-code when applied to cloud resources. Gone are the days of cumbersome policy writing with tools like Rego. With Really, policies are straightforward, quick to implement, and easy to understand & maintain - resembling SQL in their readability. Why did we invest in creating Really? It’s simple: to make life easier for developers, security teams, and platform teams. Learn more about Really and how it’s setting a new standard ➡ https://lnkd.in/eHthV9_E #CloudInfrastructure #PolicyAutomation #DevOps

Did you know that it takes SIX different resources to deploy an Azure VM with connected storage? - Network + Subnet - Resource Group - Storage Account - Storage Container - Storage IAM Reader Role - Virtual Machine When you introduce Terraform nuances and the plethora of configuration options for each service, you have a multi-day effort to configure and deploy. Once you've hacked your Terraform together or found a module that seems to meet your needs, you might find you've accidentally oversized your VM (costing $$), made your storage container public (oops), or allowed public traffic to your storage account (that's the default!). In this video, Resourcely engineer Preston walks through how Resourcely makes it easy to configure and deploy Azure resources safely. With Resourcely blueprints, developers get a paved road to production with helpful context, hinting, and a UI to select options. With Resourcely guardrails, policies prevent accidental configuration that can have security, cost, or access implications. https://lnkd.in/e-FGfJDm Let us know what you think in the comments!

For the last 10 years, software has been struggling to fulfill the the promise of DevSecOps. We've anchored ourselves to a concept that is flawed in nature. Read why in part 2 of the Death of DevSecOps series, and look out for part 3 of Travis' series for the finale next week. https://lnkd.in/eGX9DZt8

We're honored to be included in Notable Capital's Rising in Cyber list, along companies such as Wiz, Orca Security, Drata, and 1Password. Don't just take our word for it: over 100 CISOs and VPs of Security from companies like Amazon, Atlassian, and Netflix nominated and voted on 200 companies to get to the 30 represented in this list. The criteria is 🔥: Resourcely was chosen based on our proven ability to solve critical problems for security teams. Our mission is to stop misconfiguration, which is causing serious incidents every day for software companies around the world. Join the security leaders who selected Resourcely as a rising leader in the space, and put a stop to the misconfiguration that is plaguing your business! https://www.resourcely.io #RisinginCyber